Multipli
Multi-chain yield aggregator issuing ERC-4626 xTokens (xUSDC, xUSDT, xBTC, xETH) backed by institutionally managed delta-neutral/market-neutral strategies (managers: Nomura/LaserDigital, Fasanara, Edge Capital) and rwaUSD, a credit-backed stablecoin aggregating 100+ tokenized RWA collateral types. V1 used StarkEx as its L2 (deprecated); V2 is pure EVM across 6 chains. Pre-TGE: ORBs points campaign active, MULT governance token not yet launched. Corporate/no-DAO admin structure. PD-042 RWA factor-flips DO NOT APPLY.
Deployments: Ethereum · $178.9M
01 Risk profile at a glance
1 red · 5 yellow · 7 green
02 Categories & evidence
184 factors · 13 categories
Code & audits · Green · 17 · 25 of 25
RD-F-007 red Bug bounty presence & max payout HackenProof program multipli-smart-contracts is active (started 2026-02-24). Max payout: $10,000, below the $50K yellow threshold. For $366M TVL, max payout/TVL = 0.0027%. The program launched six months after the V2 launch in August 2025, leaving a gap with no bounty coverage.
RD-F-009 red Formal verification coverage No Certora, Halmos, Kani, or equivalent formal verification found in the GitHub repo, audit reports, or protocol documentation. The README explicitly acknowledges four protocol-level design issues (yield sandwich, fee inconsistency, asset/share mismatch, share price impact during redemptions) that FV would directly address — confirming FV is applicable but absent.
RD-F-001 yellow Audit scope mismatch Two Shieldify V2 EVM audits exist (#88 May 2025, #95 June 2025). Both PDFs are scanned-image format — no commit SHA is extractable. Avalanche implementation 0xb63601A11c5bDC79D511B8F73871d7C0d8B57AE9 is source-verified at solc 0.8.30, matching the audit period, but a direct bytecode-to-report-commit-SHA match cannot be confirmed. Material divergence not proven, but unverifiable.
RD-F-004 yellow Audit count Only Shieldify has code-audited the V2 EVM deployed contracts (#88, #95). ChainRisk conducted an economic risk review only. The 6 unlabeled docs.multipli.fi PDFs appear to be StarkEx/V1-era and are excluded. One distinct code-audit firm for V2.
RD-F-005 yellow Audit firm tier Shieldify Security is the sole V2 code audit firm. Shieldify has a public portfolio of 150+ audits and is a named, established firm, but is not in the Tier-1 set (Trail of Bits, OZ, ConsenSys Diligence, Certora, Sigma Prime, Spearbit, Zellic). Classified Tier-2.
RD-F-014 yellow Reentrancy guard on external-calling functions Core user functions (deposit, mint, requestRedeem, requestInstantRedeem, flashRedeem) carry nonReentrant. The manage() function performs external calls via functionCallWithValue() with requiresAuth only — no nonReentrant guard. Attack surface is constrained to authorized FUND_MANAGER_ROLE holders, not general users. VaultFundManager functions (removeFundsFromVault, updateUnderlyingBalance, addFundsAndFulfillRedeem, flashRedeem) have nonReentrant.
RD-F-183 yellow Bug bounty scope gap on highest-TVL contracts The HackenProof program describes its scope as 'on-chain smart contract code' broadly but lists no specific contract addresses. The highest-TVL contracts on Ethereum (~$178.9M) and Base (~$110M) have no published addresses, making scope verification impossible. The rwaUSD contract suite is not explicitly in scope. The $10K max payout provides minimal economic incentive for whitehat coverage of the highest-TVL contracts. Scope is ambiguous rather than an explicit exclusion.
RD-F-003 gray Resolved-without-proof findings Both Shieldify audit PDFs are image-based (scanned). Finding counts, severity classifications, and resolution status cannot be extracted. The GitHub audits/ directory returned 404. No secondary source listing resolved finding IDs found.
RD-F-006 gray Audit-to-deploy gap Shieldify #95 signed off June 2025. Avalanche proxy deploy transaction date not obtained (Snowtrace API returned source but not creation timestamp). Gap is unquantified.
RD-F-010 gray Static-analyzer high-severity count No published Slither/Mythril/Semgrep output available. Source is verified on Avalanche (0xb636), enabling a tool run, but no public analysis result exists. Specific vulnerability patterns (reentrancy, arithmetic) were manually inspected and reported separately in F012-F019.
RD-F-024 gray Code complexity vs audit coverage Both Shieldify PDFs are image-based — LOC counts, audit duration, and page counts are not extractable. The full production codebase (rwaUSD 11+ contracts) is not in the public repo. Ratio uncomputable.
RD-F-002 green Audit recency Most recent V2 EVM audit is Shieldify #95 (Multipli Vault, June 2025). As of 2026-05-17 approximately 350 days — within the ≤365-day green threshold.
RD-F-008 green Ignored bounty disclosure No prior security incidents in Rekt database, DeFiLlama hacks feed, or OSINT. No evidence of ignored disclosure.
RD-F-011 green SELFDESTRUCT reachable from non-admin path Source inspection of MultipliVault implementation, VaultFundManager, and VariableVaultFee finds no SELFDESTRUCT opcode in any contract.
RD-F-012 green delegatecall with user-controlled target No delegatecall operations found in MultipliVault, VaultFundManager, or RolesAuthority source code. No user-controlled delegatecall vector present.
RD-F-013 green Arbitrary call with user-controlled target manage() calls external targets but validates both caller and target via authority().canCall(msg.sender, target, functionSig) through RolesAuthority. Per-target, per-function-selector allowlist enforced. Unauthorized combinations revert with TargetMethodNotAuthorized. Not an unconstrained arbitrary call.
RD-F-015 green ERC-777/1155/721 hook without reentrancy guard MultipliVault exclusively uses ERC-20 assets (IERC20 + SafeERC20) and ERC-4626 shares. No ERC-777, ERC-1155, or ERC-721 integration present. No callback-bearing token standards integrated.
RD-F-016 green Divide-before-multiply pattern MultipliVault _calculatePercentageChange() uses OZ Math.mulDiv() (multiply before divide with overflow protection). VaultFundManager similarly uses mulDiv. No raw divide-before-multiply patterns identified.
RD-F-017 green Mixed-decimals math without explicit scaling ERC-4626 vault over a single underlying ERC-20 asset. No cross-token arithmetic over different decimal tokens. VariableVaultFee uses DENOMINATOR normalization for percentage calculations.
RD-F-018 green Signed/unsigned arithmetic confusion No signed-integer confusion detected in verified source inspection. Contract uses uint256 throughout for token amounts and share calculations, consistent with ERC-4626 standard.
RD-F-019 green ecrecover zero-address return unchecked No ecrecover calls found in MultipliVault, VaultFundManager, VariableVaultFee, or RolesAuthority. EIP-2612 permit-style functionality not implemented. Factor effectively N/A but scored green (no vulnerability present).
RD-F-020 green EIP-712 domain separator missing chainId No EIP-712 domain separator or permit-style signatures implemented in V2 vault contracts. Protocol does not use meta-transactions or off-chain signed messages for vault operations. Factor effectively N/A but scored green.
RD-F-021 green UUPS _authorizeUpgrade correctly permissioned MultipliVault uses UUPS proxy pattern. _authorizeUpgrade(address newImplementation) is internal virtual override requiresAuth — gated by RolesAuthority, not open to arbitrary callers.
RD-F-022 green Public initialize() without initializer modifier MultipliVault implementation: initialize(IERC20 _asset, address _owner, string _name, string _symbol) public initializer — OZ initializer modifier present. Constructor: constructor() { _disableInitializers(); } — locks implementation against direct re-initialization. Pattern is correct. No one-tx exploit risk.
RD-F-023 green Constructor calls _disableInitializers() MultipliVault implementation constructor calls _disableInitializers() (confirmed via Snowtrace API). VaultFundManager is non-upgradeable — no proxy pattern, factor not applicable to that contract.
Governance & admin · Red · 62 · 24 of 24
RD-F-025 red Admin key custody type MultipliBridger owner is the bare EOA 0x151799d9072b0Ca939550906E7E79506bF4BeeE3 (confirmed from deploy tx and readContract). Avalanche vault RolesAuthority was initialized with owner = deployer EOA 0x8cFee31bf3A57EC2C86D9e0f476Bd36aCA611Fa5. No Safe multisig found in pipeline cache (safe_multisigs=[]) or on-chain. Categorical classification: EOA.
RD-F-026 red Upgrade multisig signer configuration (M/N) Both confirmed admin addresses are bare EOAs (M=1, N=1, display=1/1). No multisig found.
RD-F-027 red Single admin EOA [CRITICAL] MultipliBridger owner is the bare EOA 0x151799d9072b0Ca939550906E7E79506bF4BeeE3 with no timelock (confirmed via Etherscan contract read). Avalanche vault owner is the bare EOA 0x8cFee31bf3A57EC2C86D9e0f476Bd36aCA611Fa5 (confirmed via Snowtrace). eth_getCode on both = 0x (EOA per profile bootstrap). No multisig, no timelock on any chain.
RD-F-032 red Timelock duration on upgrades No on-chain timelock contract found on any chain. Docs claim a 24-hour delay for rwaUSD parameter changes, but no TimelockController address is published or deployed as of 2026-05-17. MultipliVault UUPS upgrades are gated by requiresAuth only (no TimelockController intermediary). Deployment script Base.s.sol deploys no timelock.
RD-F-033 red Timelock on sensitive actions No timelock on any of the five action categories. Mint: gated by requiresAuth only (no timelock). Pause: requiresAuth only. Rescue/removeFunds: owner-direct on MultipliBridger; requiresAuth on vault (no timelock). setOracle/FUND_MANAGER_ROLE: set by owner via RolesAuthority with no delay. Upgrade (_authorizeUpgrade): requiresAuth only.
RD-F-041 red Rescue/emergencyWithdraw without timelock [CRITICAL] MultipliBridger: removeFunds(address token, address to, uint256 amount) and removeFundsNative(address to, uint256 amount) are callable by the owner EOA with no timelock delay. MultipliVault: removeFunds(uint256 amount, address to) is callable via requiresAuth (owner or authority) with no timelock. Both contracts allow a unilateral fund drain in a single transaction by the controlling EOA.
RD-F-043 red Admin = deployer EOA after 7 days [CRITICAL] MultipliBridger was deployed 2025-01-15 by 0x151799d9072b0Ca939550906E7E79506bF4BeeE3; the same EOA is the current owner 16 months later (no OwnershipTransferred event). Avalanche vaults were deployed ~10 months ago by 0x8cFee31bf3A57EC2C86D9e0f476Bd36aCA611Fa5; the same EOA is confirmed as RolesAuthority owner; no transfer to a multisig evidenced. Both satisfy the admin=deployer EOA condition well beyond the 7-day threshold.
RD-F-030 yellow Hot-wallet signer flag MultipliBridger owner EOA 0x151799d9... has 9,891 transactions with recent daily Withdraw calls — a high-velocity pattern consistent with a hot wallet or automated signer. No hardware signing indicators. Assessed yellow (not green: no confirming hardware evidence; not red: automated protocol operations could explain the pattern without being a 'hot wallet' in the rug-risk sense).
RD-F-031 yellow Signer rotation recency No multisig signer rotation to measure. MultipliBridger owner has not changed since deploy (January 2025, 16+ months). No threshold-reduction event applicable. Assessed yellow: static EOA control means no rotation — which is neither the positive (routine key hygiene) nor the DPRK precursor pattern. The 16-month stale single-EOA pattern is a separate concern captured by F043.
RD-F-034 yellow Guardian/pause-keeper distinct from upgrader MultipliVault pause() and _authorizeUpgrade() both use requiresAuth — the same auth system, meaning the same key (owner EOA) can both pause and upgrade. Docs describe a conceptual Guardian role, but no distinct on-chain guardian address is confirmed. Yellow: the architectural pattern exists (separate roles defined) but effective key separation is unconfirmed.
RD-F-035 yellow Role separation: upgrade ≠ fee ≠ oracle RolesAuthority defines ADMIN_ROLE, FUND_MANAGER_ROLE, ORACLE, EXTERNAL_CURATOR. However, Base.s.sol initializes all of them with OWNER (the same EOA) as the authority owner, who can grant all roles. Functional separation exists in the architecture, but all roles are grantable by the single EOA owner. Assessed yellow: role architecture exists but effective separation not confirmed.
RD-F-042 yellow Admin has mint() with unlimited max MultipliVault's mint() overrides ERC-4626 with whenNotPaused+nonReentrant+requiresAuth+minDepositAmount — this is the user-facing mint with a floor, not an admin-callable unlimited mint. No separate admin mint(address,uint256) without a supply cap found in the vault source. The rwaUSD token (RwaUsdToken) mint mechanism is undisclosed — its Ledger Core-mediated issuance model may have admin-controlled uncapped issuance. Assessed yellow: vault component green; rwaUSD component unverifiable (not deployed).
RD-F-046 yellow Contract unverified on Etherscan/Sourcify MultipliBridger (0x5d39456b62d6645) is verified on Etherscan with an exact match. The Multipli xUSDC token on Ethereum (0x369dffbb1d8f49ecf63501e2d175742ae1bfdfc8) is UNVERIFIED on Etherscan. Avalanche vault (0xCF0Eb4ac) verification status not confirmed from available Snowtrace data. The core vault contracts where user funds reside are not confirmed verified. Yellow: partial verification (one contract verified, core vaults unconfirmed).
RD-F-167 yellow Deprecated contract paused but pause reversible by live admin The V1 StarkEx system is deprecated per README. MultipliMigrator.sol in the V2 repo indicates the V1-to-V2 migration path is active. V1 contracts may have an admin pause held by the current EOA. V1 contract addresses unconfirmed (code-security-analyst to verify V1 sunset). V2 MultipliVault has an active admin pause via requiresAuth (same EOA). Assessed yellow pending V1 sunset confirmation.
RD-F-028 n/a Low-threshold multisig vs TVL Admin resolves to a single bare EOA on confirmed chains. No multisig exists to evaluate a threshold. Per the U18 agreed framing: when control resolves to a single bare EOA, F028 scores not_applicable to prevent double-counting with F027.
RD-F-029 n/a Multisig signers co-hosted No multisig exists — the factor measures co-hosting of multisig signers, which presupposes a multisig.
RD-F-036 n/a Flash-loanable voting weight Pre-TGE corporate protocol. No Governor contract, no MULT governance token on-chain, no on-chain voting mechanism as of 2026-05-17. Flash-loanable voting is structurally impossible absent a governance token and contract. Scored not_applicable by construction.
RD-F-037 n/a Quorum achievable via single-entity flash loan No governance quorum mechanism. Pre-TGE corporate protocol.
RD-F-038 n/a Proposal execution delay < 24h No on-chain governance proposal mechanism. Pre-TGE corporate protocol.
RD-F-039 n/a delegatecall/call in proposal execution without allowlist No governance executor contract exists. Pre-TGE corporate protocol. Scored not_applicable by construction.
RD-F-040 gray Emergency-veto multisig present Docs describe Guardian pause authority, but no distinct on-chain veto multisig address is confirmed. No DAO Governor to cancel proposals against. Cannot verify presence of a veto mechanism from available on-chain data.
RD-F-045 n/a Constructor args match governance proposal No governance proposal process exists (pre-TGE corporate). Deployment used placeholder addresses in public scripts. No formal proposal to compare constructor args against.
RD-F-047 n/a Governance token concentration (Gini) No governance token exists (pre-TGE). MULT token TGE pending but not launched.
RD-F-044 green Admin wallet interacts with flagged addresses MultipliBridger owner 0x151799d9... funded by 0xEE16e20F...2D359C29a — no public label on funder; no mixer, OFAC, or rug-labeled interactions found in tx history. Primary activity is protocol operations (Withdraw to MultipliBridger). No flagged cluster interactions confirmed.
Oracle & external dependencies · Yellow · 36 · 17 of 17
RD-F-059 red Oracle staleness check present xToken vaults: the MultipliVault.sol public source has no timestamp validation in onUnderlyingBalanceUpdate() — the balance push is accepted without an on-chain staleness check. If the ORACLE role holder stops updating, the vault share price is stale indefinitely; the PPS circuit breaker only triggers on movement, not on a freeze. rwaUSD: staleness is documented (STALE status, 'NAV not updated within SLA') but the SLA duration is not published. Chainlink staleness check (updatedAt validation) not confirmable in the non-public vault contracts.
RD-F-180 red Immutable oracle address [★ CRITICAL] The rwaUSD SignedFeedVerifier signer set composition is undisclosed. Docs state 'N-of-M quorum rules per profile' but do not confirm N, M, key management type, or whether signing keys are held by a multisig or a single EOA. The governance docs state the Oracle Admin manages signer sets 'via timelock ideally' — the qualifier 'ideally' indicates the timelock is aspirational, not enforced. For xToken vaults: the ORACLE role address is changeable by the Admin role holder (setAuthority in AuthUpgradeable.sol), but the replacement path has no confirmed timelock; the actual ORACLE role holder identity is not disclosed. A single signer compromise of SignedFeedVerifier would affect 100+ RWA collateral profiles. Red because: (1) signer custody undisclosed; (2) timelock on oracle changes is 'ideal', not enforced; (3) a single-signer scenario cannot be ruled out from public evidence.
RD-F-048 yellow Oracle providers used Multipli uses four oracle mechanisms: (1) protocol-operated off-chain balance push via the ORACLE role calling onUnderlyingBalanceUpdate() for xToken NAV; (2) 19 Chainlink price feeds (ETH/USD, BTC/USD, USDC/USD, USDT/USD, COMP/USD, LINK/USD, UNI/USD, AVAX/USD) across Ethereum/Base/Arbitrum/Avalanche confirmed in the data cache; (3) protocol-operated SignedFeedVerifier (N-of-M signed prices) for rwaUSD RWA collateral; (4) DEX TWAP as a sanity check for rwaUSD stablecoin collateral. Yellow because the exact Chainlink feed-to-market mapping is not confirmable without the non-public vault contracts.
RD-F-049 yellow Oracle role per asset xToken (all): ORACLE role push = Primary sole source, no fallback. rwaUSD T-bills: SignedFeedVerifier = Primary; TWAP = Sanity. rwaUSD stablecoins: external oracle feed + DEX TWAP = Primary + Sanity. rwaUSD gold: XAU/USD spot = Primary; token TWAP = Sanity. Chainlink feeds serve specific markets per chain, but the exact feed-to-market mapping is not derivable without the non-public vault contracts.
RD-F-050 yellow Dependency graph (protocols depended upon) Dependencies: Chainlink (19 feeds, 4 chains); off-chain strategy managers Nomura/LaserDigital, Fasanara, Edge Capital for NAV reporting; rwaUSD SignedFeedVerifier signer set (undisclosed composition); Peg Rail reference stablecoin (USDC/USDT); MultipliBridger (mechanism unknown) for cross-chain xToken transfers. VaultFundManager source cites the Euler protocol in the flash-redeem context. rwaUSD is deployed into external DeFi venues per the risk docs (specific venues not enumerated).
RD-F-051 yellow Fallback behavior on oracle failure xToken vaults: no documented fallback when the ORACLE role holder stops pushing balance updates; the PPS circuit breaker only triggers on movement, not on a freeze. rwaUSD: explicit fail-closed — STALE: issuance disabled; DISPUTED: issuance disabled; HALTED: risk-reducing ops only. No multi-oracle fallback chain. The fail-closed design for rwaUSD is well-documented; the absence of a fallback for xToken is confirmed by source review.
RD-F-052 yellow Breakage analysis per dependency Chainlink feed failure: stale prices accepted up to the heartbeat (86400s for USDT/AVAX) if there is no on-chain staleness check in the vault. ORACLE role compromise: fraudulent NAV inflation → incorrect share pricing → potential drain. SignedFeedVerifier signer compromise: fraudulent RWA prices → unbacked rwaUSD minting across 100+ collateral profiles. Peg Rail stablecoin depeg: rwaUSD redemptions restricted. MultipliBridger failure: cross-chain xToken transfers halt. Off-chain manager failure: NAV reporting stops, redemptions impaired. Breakage scenarios identified from architecture review.
RD-F-053 yellow Oracle source = spot DEX pool (no TWAP) [★ CRITICAL — not red] xToken NAV: off-chain balance push — not a spot DEX read; flash-loan spot manipulation not applicable. rwaUSD stablecoins: external oracle feed + DEX TWAP sanity check — TWAP present. rwaUSD gold: XAU/USD spot + token market TWAP divergence clamp. No confirmed raw spot-DEX oracle without TWAP for any documented asset type. Yellow (not green) because the full vault contracts are non-public — cannot rule out undisclosed markets without a TWAP guard.
RD-F-058 yellow Max-deviation threshold (bps) xToken vaults: MAX_PERCENTAGE_THRESHOLD = 1e17 (10% = 1000 bps) is the ceiling; the actual configured maxPercentageChange is not confirmed from source. rwaUSD: 'if NAV changes beyond X bps/day, require multi-signer consensus or halt' — X is not published numerically. Stablecoin depeg threshold: 0.995 (50 bps below peg). Partial numeric parameters confirmed; exact configured thresholds not published.
RD-F-060 yellow Chainlink aggregator min/max bound misconfig 19 Chainlink feeds identified with addresses and parameters. High-priority feeds: ETH/USD 0x5f4eC3Df9cbd43714FE2740f5E3616155c5b8419 (3600s / 0.5%) and BTC/USD 0xF4030086522a5bEEa4988F8cA5B36dbC97BeE88c (3600s / 0.5%), confirmed by the Chainlink feed registry. USDT/USD and AVAX/USD use an 86400s heartbeat (appropriate for stablecoins). No known min/max bound misconfiguration for these standard feeds. Full min/max verification requires RPC access not available in this assessment.
RD-F-062 yellow External keeper/relayer not redundant xToken vaults depend on the ORACLE role address(es) to call onUnderlyingBalanceUpdate() — functionally a keeper/reporter role. If the ORACLE role holder goes offline, the vault share price is not updated until the PPS circuit breaker triggers or an admin intervenes. ORACLE role holder identity and redundancy are not publicly disclosed — single vs. multiple keeper unknown. rwaUSD: similar dependency on SignedFeedVerifier signers. No keeper-redundancy documentation found.
RD-F-054 gray TWAP window duration rwaUSD stablecoin and gold collateral use DEX TWAP as a sanity-check layer. Exact TWAP window duration not published. Taxonomy threshold: <30 min = high risk. Cannot confirm whether the TWAP meets the threshold without duration disclosure.
RD-F-055 n/a Oracle pool depth (USD) rwaUSD TWAP is a sanity layer, not the primary oracle — pool depth is not the risk surface for rwaUSD. xToken vaults do not use DEX pools for pricing. Chainlink feeds are not pool-depth-dependent. The factor definition (DEX pool feeding an oracle as primary source) does not apply.
RD-F-181 n/a Permissionless-pool lending oracle Multipli is not a lending protocol (YIELD category per profile §1). xTokens are ERC-4626 vault shares backed by delta-neutral strategies. rwaUSD is a stablecoin backed by curated/governed RWA collateral (onboarded by the Timelock Governor, not permissionless). The F181 definition (lending protocol accepts spot prices from a DEX where any user can permissionlessly create pools) does not apply.
RD-F-056 green Single-pool oracle (no medianization) Chainlink feeds use multi-node aggregation (standard design — not single-pool). SignedFeedVerifier uses N-of-M quorum (multi-signer). xToken balance push is an operator attestation model, not pool-based. rwaUSD TWAP is sanity check only. No single-pool primary oracle identified.
RD-F-057 green Circuit breaker on price deviation Two circuit-breaker mechanisms confirmed: (1) MultipliVault.sol: maxPercentageChange triggers auto-pause if price-per-share changes beyond threshold between updates (constant MAX_PERCENTAGE_THRESHOLD = 1e17 = 10% ceiling; updateMaxPercentageChange() admin function). (2) rwaUSD: asset-level max-delta bounds; breach triggers HALTED status blocking all but risk-reducing operations.
RD-F-061 green LP token balanceOf used for pricing No LP token balanceOf pricing in vault or rwaUSD contracts. xToken NAV is reported via onUnderlyingBalanceUpdate() (operator-pushed). rwaUSD uses SignedFeedVerifier (signed messages). Neither mechanism is donation-manipulable via balanceOf. Source review confirms no LP pricing logic.
Economic risk · Yellow · 33 · 13 of 13
RD-F-063 yellow TVL (current + 30d trend) TVL estimated ~$342–366M per DefiLlama (web search returning DefiLlama data, 2026-05-17; profiler HTML-derived $366.2M; lower figure $342.64M from an alternate web search snippet). Protocol meets the ≥$100M coverage threshold. 30-day TVL change unavailable — DefiLlama API slugs 'multipli-fi' and 'multipli' both return HTTP 400 (blocked). Primary protocol API endpoint (api.multipli.fi/.../defillama/tvl/) not directly accessible. Yellow rather than green: no primary dated API read possible; TVL trend data absent. Growth trajectory strongly positive (V2 launch ~$95M Aug 2025 → ~$354M mid-range May 2026).
RD-F-069 yellow Algorithmic / under-collateralized stablecoin rwaUSD is a credit-backed stablecoin collateralized by tokenized RWAs (T-bills, stablecoins, tokenized gold) at illustrative MTV ratios of ~70–85% (implying ~115–143% collateralization). This is NOT algorithmic — no reflexive token backing. Yellow (not red): collateral is high-quality near-cash assets; Lloyd's of London insurance provides supplementary tail-risk coverage; the three-layer defense (Reserve Buffer, Deficit Recorder, Recap Mechanism) is architecturally sound. Yellow because: (a) exact collateralization ratios are 'illustrative and subject to change' — not on-chain verifiable; (b) the design is novel with a limited at-scale track record (~9 months V2 live); (c) Peg Rail introduces reference-stablecoin reserves bounded by daily outflow limits — a potential stress-redemption bottleneck; (d) the strategy manager basis for xToken yield is entirely off-chain with no on-chain position verifiability (limited transparency). The xToken yield component (delta-neutral strategies via Nomura/LaserDigi
RD-F-074 yellow ERC-4626 virtual-share offset (OZ ≥4.9) MultipliVault.sol inherits from ERC4626Upgradeable (OpenZeppelin). OZ ERC4626Upgradeable ≥ v4.9 includes the virtual-share offset via _decimalsOffset(). The default implementation returns 0, meaning only 1 virtual share/asset is added (10^0=1) — the weakest form of virtual-offset protection. OZ notes offset=0 is 'non-profitable' for a single attacker deposit at scale but weaker than offset>0 against multi-user scenarios. The actual MultipliVault.sol source code is not accessible (GitHub raw file returns 404; no Etherscan-verified addresses published) — it is unknown whether Multipli overrides _decimalsOffset() to a larger value. The oz_contracts_version is null in the data cache. The Shieldify June 2025 ERC-4626 audit scope covers this contract, but the PDF is inaccessible. Yellow: the OZ base class provides nominal protection; override status unknown; source unverifiable from public data.
RD-F-075 yellow First-depositor / share-inflation guard Same evidence base as F074. OZ ERC4626Upgradeable with the default _decimalsOffset()=0 provides 1 virtual asset/share — a minimal guard against the first-depositor share-inflation attack. OZ explicitly advises vault deployers to make a non-trivial initial seed deposit for additional protection. No evidence of such a seed deposit at vault deployment (not mentioned in docs, not in audit finding summaries, not in llms-full.txt). Source code inaccessible (GitHub raw 404; no Etherscan addresses). Current TVL (~$350M) makes an active first-depositor attack practically infeasible today (manipulation profit << gas + capital cost at this TVL scale). However, at vault genesis/early stage this was a live risk surface. The Shieldify June 2025 'ERC-4626 Vault' audit likely addressed this; PDF inaccessible. Yellow: nominal OZ protection exists; a confirmed guard (seed deposit or offset override) is not evidenced; source unverifiable.
RD-F-064 gray TVL concentration (top-10 wallet share) No on-chain TVL holder breakdown published. Vault contract addresses not publicly enumerated (profile §3 confirms no official address book). DefiLlama API blocked. Cannot compute top-10 wallet share. An institutional depositor base is implied by product positioning but not verifiable. Not_assessed (gray) rather than red — absence of data is not evidence of extreme concentration.
RD-F-065 gray Liquidity depth per major asset xTokens are ERC-4626 vault shares, not traded DEX pairs — the standard 2%/5% slippage depth metric is not applicable in the DEX-subgraph sense. Redemption liquidity depends on the protocol's ability to unwind off-chain institutional strategies. Protocol claims 'same-day liquidity, no lockup periods' (The Block/MEXC 2025-08-28). Docs note for rwaUSD: 'redemptions can queue at the margin' and 'slow assets impose their timelines on fast ones.' No quantitative on-chain liquidity depth is measurable via the standard DEX subgraph method. Gray: pipeline method not applicable to the vault-share redemption model.
RD-F-066 n/a Utilization rate (lending protocols) Multipli is not a lending protocol. xToken vaults are ERC-4626 yield-aggregator shares with off-chain strategy backing, not borrow/supply markets. No utilization rate exists. PD-024 lending-specific N/A applies.
RD-F-067 n/a Historical bad-debt events Multipli is not a lending protocol with socialized bad-debt mechanics. No borrow/supply markets. The rwaUSD system has a Deficit Recorder for shortfalls from failed auctions, but this is a credit-backed stablecoin system, not a lending-market bad-debt pool. PD-024 lending-specific N/A applies. No incidents in the Rekt DB or DeFiLlama hacks feed.
RD-F-068 n/a Collateralization under stress Multipli is not a CDP/lending protocol. No collateralization ratio stress-test applicable under PD-024. rwaUSD uses MTV ratios (~70–85% illustrative) for RWA collateral, but this is a stablecoin backing model, not a lending-market collateralization ratio. PD-024 N/A applies.
RD-F-070 n/a Empty cToken-style market (zero supply/borrow) [★ CRITICAL] — NOT APPLICABLE. Multipli is not a Compound V2 fork. No cToken-style markets with shared totalSupply/totalBorrow accounting exist. The protocol is an original ERC-4626 yield-aggregator vault. The 'empty market donation attack' vector does not apply to this architecture. ERC-4626 first-depositor share-inflation risk (the related but distinct attack surface) is scored under RD-F-074 and RD-F-075.
RD-F-071 n/a Seed-deposit requirement for new market listing No permissionless market-listing mechanism. Multipli does not list new cToken-style markets. xToken vault deployments are protocol-initiated corporate decisions. PD-024 lending-specific N/A applies.
RD-F-072 n/a Market-listing governance threshold No market-listing governance mechanism. No permissionless listings. xToken vaults are deployed by the Multipli team under corporate governance. PD-024 lending-specific N/A applies.
RD-F-073 n/a Oracle-manipulation-proof borrow cap No borrow markets. PD-024 lending-specific N/A applies.
Operational history · Green · 17 · 15 of 15
RD-F-089 red Insurance coverage active No active third-party insurance coverage found for Multipli. Nexus Mutual: no Multipli listing found in search. Sherlock: no contest or coverage listing found. Unslashed: no listing found. At ~$366M TVL, the absence of protocol-level insurance represents a meaningful unmitigated exposure. Red per rubric: no active bounty/insurance proportionate to TVL.
RD-F-076 yellow Protocol age (days) V1 mainnet deploy ~2024-11-01 (~18 months old). V2 ERC-4626 architecture launched ~2025-08-28 (~9 months old). The V2 architecture holds the bulk of the current ~$366M TVL and is below the 12-month operational stress-test threshold for a full green. Yellow: sufficient V1 history, but V2 under 12 months.
RD-F-088 yellow Re-deployed to new addresses in last year The V1 (StarkEx) to V2 (ERC-4626) migration completed within the trailing 12-month assessment window (V2 launched ~2025-08-28). This was a planned architectural migration, not exploit-driven. The V1 surface appears drained (Avalanche vault at 0 balance; V1 Ethereum xUSDC at 2 holders). Yellow rather than red because the redeploy was deliberate, documented, and managed — not a forced emergency migration.
RD-F-081 gray Post-exploit response score No prior exploits exist. Post-exploit response score cannot be assessed — no incidents to evaluate.
RD-F-082 gray Post-mortem published within 30 days No prior exploits exist. Post-mortem timing cannot be assessed — no incidents to evaluate.
RD-F-083 gray Auditor re-engaged after last exploit No prior exploits exist. Auditor re-engagement after an exploit cannot be assessed — no incidents to evaluate.
RD-F-084 gray TVL stability (CoV over 90d) DefiLlama API blocked for Multipli (defillama_blocked: true; tvl_daily: []). No TVL time-series available to compute the coefficient of variation. TVL is ~$366M per the HTML page render, but the daily time-series is not retrievable via the current pipeline.
RD-F-085 gray Incident response time (minutes) No prior incidents exist. Incident response time cannot be assessed.
RD-F-077 green Prior exploit count Zero protocol-level exploits confirmed. Rekt DB cache empty; DefiLlama hacks cache empty; internal hacksdatabase grep returned 0 matches for multipli/xUSD/tanX; SlowMist and De.Fi Rekt Database web searches returned no results for multipli.fi. U22 collision check performed — no foreign incidents attributable to this protocol.
RD-F-078 green Chronic-exploit flag (≥3 incidents) Zero exploits recorded. Chronic flag (≥3 exploits) does not fire.
RD-F-079 green Same-root-cause repeat exploit Zero exploits recorded. No same-root-cause repeat possible.
RD-F-080 green Days since last exploit No prior exploit exists. Factor displays as 'no prior exploit' — green by definition.
RD-F-086 green Pause activations (trailing 12 months) No pause activations found in any public source (no news reports, no social reports, no on-chain event data available for unconfirmed contract addresses). Docs confirm granular pause capability exists for rwaUSD (minting, withdrawals, peg rail, auctions, profile onboarding). Zero known activations recorded. [?] Unverified at on-chain level — governance-admin-analyst to confirm via Paused() event logs once contracts enumerated.
RD-F-087 green Pause > 7 consecutive days No pause events found. Protocol has not been paused >7 consecutive days. [?] Unverified at on-chain level pending contract address enumeration by governance-admin-analyst.
RD-F-166 green Deprecated contracts still holding value V1 deprecated surface appears cleanly sunset. Avalanche V1 vault (0xb63601A11c5bDC79D511B8F73871d7C0d8B57AE9): 0 AVAX balance, 1 historical tx from ~8 months ago — no value held. Ethereum V1 xUSDC token (0x369dffbb1d8f49ecf63501e2d175742ae1bfdfc8): ~77,505 tokens, 2 holders, unverified source, no market price, no recent transfers — below $100K threshold. V1 migration documented as one-directional in FAQ. [?] Full V1 contract enumeration deferred to code-security-analyst; finding conditional on their confirmation.
Real-time signals Green 6 22 of 22
RD-F-109 yellow Social-media impersonation scam spike Applicable: X @multiplifi is the official social handle; confirmed active impersonation ecosystem (mainnet-multipli.fi crypto drainer, documented April 2025). T-09 v2-deferred signal; requires social-media monitoring vendor integration for spike-pattern detection. Base-level impersonation activity is confirmed and ongoing — mainnet-multipli.fi was documented as an active crypto-drainer site mimicking Multipli's brand and UI. PCRisk/MalwareGuide confirmed April 24-25, 2025. Spike-pattern measurement not possible without live social-monitoring feed. Ongoing impersonation presence warrants yellow.
RD-F-090 gray Mixer withdrawal → protocol interaction Applicable EVM protocol. T-09 phase-2 signal (Tier-C advisory only). No Tornado Cash or Railgun interaction with confirmed Multipli vault addresses found via public OSINT. Deployer address 0x8cFee31bf3A57EC2C86D9e0f476Bd36aCA611Fa5 (Avalanche xUSDC vault deployer per Snowtrace) shows interactions with USDC, xBTC.b, Mayan Finance — no mixer-labeled counterparties. 30-day attribution window requires licensed wallet-clustering feed (Chainalysis/TRM) for conclusive trace. T-09 phase-2 signal; pipeline not yet implemented.
RD-F-091 gray Partial-drain test transactions Applicable. T-09 phase-2 signal (v2-deferred, not in 10-signal shortlist). No partial-drain test-transaction pattern observed in Rekt or DeFiLlama hacks feeds. No prior exploit history for Multipli. Signal folded into RD-F-098 tier-B precursor rule per T-09 §3.3.
RD-F-092 gray Unusual mempool pattern from deployer wallet Applicable. T-09 v2-deferred signal. Deployer wallet 0x8cFee31bf3A57EC2C86D9e0f476Bd36aCA611Fa5 shows 151 total transactions on Avalanche including expected admin operations (Set User Role, Set Role Capability). No anomalous mempool pattern detectable without live mempool listener. Requires dedicated mempool infrastructure.
RD-F-093 gray Abnormal gas-price willingness from attacker wallet Applicable (EVM). T-09 v2-deferred signal. No attacker wallet identified for Multipli. No anomalous gas-price events reported in public sources. Requires mempool monitoring with gas-price anomaly detection.
RD-F-094 gray New contract with similar bytecode to exploit template Applicable. T-09 v2-deferred signal. No exploit-template deployment targeting Multipli ERC-4626 vault bytecode found in public OSINT. Requires on-chain new-deploy sweep with bytecode similarity analysis.
RD-F-095 gray Known-exploit function-selector replay Applicable. T-09 v2-deferred signal. No known-exploit replay pattern observed. No prior exploit to replay from. Requires mempool + tx history with exploit-template selector DB.
RD-F-096 gray New ERC-20 approval to unverified contract from whale Applicable (EVM). T-09 v2-deferred signal (user-level, consumer app scope per T-09 §3.3). No whale-approval anomaly found in public OSINT. Requires mempool + explorer monitoring for high-TVL user approvals.
RD-F-097 gray Sybil surge of identical-pattern transactions Applicable. T-09 v2-deferred signal. No sybil-surge pattern observed. Protocol ORBs points campaign could attract sybil behavior but no hack-class sybil pattern detected. Requires on-chain clustering analysis.
RD-F-098 gray TVL anomaly — % drop in <1h Applicable: ~$366M TVL protocol. T-09 v1 launch signal, Tier-A (instant grade flip). DefiLlama API blocked (defillama_blocked=true per data cache); pipeline TVL time-series is null. No drain event in Rekt or DeFiLlama hacks feeds as of 2026-05-17. Signal cannot be live-configured without a working TVL feed from api.multipli.fi or an alternative endpoint. Primary condition (>30% drop in 60 min) is unevaluable without a live stream. Would fire if a drain occurred and TVL feed were live — posture is signal-applicable but pipeline-unimplemented.
RD-F-101 n/a Large governance proposal queued Pre-TGE corporate admin, no on-chain governor deployed. Data cache: governance.governor_address=null, governance.type=unknown, governance.snapshot_space=null. No ProposalCreated event surface exists. Signal will become applicable post-MULT TGE + governor deployment. T-09 v1 launch signal, Tier-B.
RD-F-103 gray Bridge signer-set change proposed/executed Applicable: MultipliBridger contract confirmed; xTokens span 6 chains (Ethereum, Base, Monad, Arbitrum, Avalanche, BSC). T-09 v1 launch signal, Tier-A (instant grade flip). MultipliBridger contract address not confirmed publicly; data cache layerzero.present=false (pipeline probe may have missed address). Bridge signer-set event subscription cannot be configured without confirmed contract address. No signer-set change event found in public OSINT. Handoff to oracle-dependency-analyst required to enumerate full MultipliBridger address.
RD-F-106 gray Cross-chain bridge unverified mint pattern Applicable: multi-chain xToken presence with MultipliBridger; cross-chain activity is core to protocol operation. T-09 phase-2 signal (v2-deferred per T-09 §3.3). No anomalous mint-without-proof pattern found in public OSINT. MultipliBridger address unconfirmed — prevents bridge-event monitoring. Requires bridge event + cross-chain index subscription.
RD-F-107 gray Admin EOA signing from new geography/device Applicable (EOA admin keys in use — MultipliBridger owner 0x151799d9…, RolesAuthority admin). T-09 v2-deferred signal. Off-chain signing telemetry required — not publicly available. No signing geography anomaly observable from public OSINT.
RD-F-108 gray GitHub force-push to sensitive branch Applicable: multipli-libs/Barebones-MultipliVault is public (github_private=false). Last commit 2026-01-16 per data cache — no recent force-push event reported in public GitHub activity. This is the bare implementation repo, not necessarily the production deployment repo. T-09 v2-deferred signal; requires GitHub API monitoring with protocol-permissioned access. T-09 phase-2 signal.
RD-F-110 n/a Unusual pending/executed proposal ratio No on-chain governor deployed (pre-TGE, corporate admin). Data cache: governance.governor_address=null. No proposal history exists; pending/executed ratio cannot be computed. T-09 v2-deferred signal.
RD-F-182 n/a Security-Council threshold reduction (RT) Security-Council threshold reduction signal (batch-24, Cat 6B). T-09 v1.1 candidate signal. Trigger requires a Security Council multisig executing a threshold reduction (e.g. 3/5 → 2/5) or timelock removal within ≤14 days of prior signer addition. Multipli has no Security Council or Safe multisig published as of 2026-05-17. Data cache safe_multisigs=[]. Corporate / no-DAO pre-TGE admin via RolesAuthority EOA. The Drift-class trigger surface is absent. Post-TGE with potential Security Council introduction, this factor becomes applicable.
RD-F-099 green Oracle price deviation >X% from secondary Applicable: 19 Chainlink feeds confirmed in data cache across Ethereum, Base, Arbitrum, Avalanche. T-09 phase-2 signal, Tier-B. Referenced feeds: USDT/USD at 0x3E7d1eAB13ad0104d2750B8863b489D65364e32D (86400s heartbeat, 0.25% deviation), ETH/USD at 0x5f4eC3Df9cbd43714FE2740f5E3616155c5b8419 (3600s, 0.5%), BTC/USD at 0xF4030086522a5bEEa4988F8cA5B36dbC97BeE88c (3600s, 0.5%), USDC/USD at 0x8fFfFfd4AfB6115b954Bd326cbe7B4BA576818f6 (82800s, 0.25%). No oracle price deviation event reported in public monitoring as of 2026-05-17. All feeds operating within standard deviation thresholds per Chainlink public dashboard.
RD-F-100 green Flash loan >$10M targeting protocol tokens Applicable: ERC-4626 vaults with stablecoin/BTC/ETH underlying; flash-loan-accessible tokens on Ethereum/Base/Arbitrum. T-09 phase-2 signal, Tier-B (advisory at launch; grade-eligible only when corroborated with F099 or F101). No large flash-loan event targeting Multipli vault contracts found in Rekt or DeFiLlama hacks feeds. Protocol uses Chainlink oracle (not DEX spot) for valuations — reduces flash-loan oracle manipulation risk. No on-chain governor (pre-TGE) eliminates governance-flash-loan attack vector. No corroborating F099 or F101 events.
RD-F-102 green Admin/upgrade transaction in mempool Applicable: MultipliBridger owner EOA (0x151799d9… partial, profile §7) and RolesAuthority vault admins are on-chain admin surfaces. UUPS proxied vaults (ERC-4626Upgradeable) have upgrade functions. T-09 phase-2 signal, Tier-B. No admin/upgrade tx in mempool reported via public channels. No large-scale admin action flagged in Rekt/DeFiLlama. Deployer address (0x8cFee31b…) shows routine admin role-management txns (Set User Role, Set Role Capability) consistent with normal operational activity — not anomalous per threshold definition.
RD-F-104 green Stablecoin depeg >2% on shared-LP venue Applicable: protocol holds USDC, USDT, rwaUSD as core underlying assets; stablecoin exposure substantially >5% of TVL (~$366M, predominantly stablecoin-backed). T-09 v1 launch signal, Tier-B (48h sustained). USDC/USD Chainlink at 0x8fFfFfd4AfB6115b954Bd326cbe7B4BA576818f6 tracking at peg; USDT/USD at 0x3E7d1eAB13ad0104d2750B8863b489D65364e32D tracking at peg. No depeg event on USDC/USDT/DAI as of 2026-05-17. rwaUSD peg not anomalous per public reports. Signal at rest.
RD-F-105 green DNS/CDN/frontend hash drift Applicable: multipli.fi is the official frontend domain. T-09 phase-2 signal, Tier-A (instant grade flip on unscheduled drift). Official domain multipli.fi appears stable per public DNS resolution. Impersonator mainnet-multipli.fi (documented April 2025, PCRisk) is a separate domain registered by threat actors — this is NOT a change to the official domain's DNS/hash and does not trigger RD-F-105. No CT log entries indicate SSL certificate change on multipli.fi. No change-management allowlist breach found. The impersonation finding is Cat-11 F161.
Dev identity & insider risk Yellow 21 16 of 16
RD-F-117 red ENS/NameStone identity bound to deployer MultipliBridger deployer EOA `0x151799d9072b0Ca939550906E7E79506bF4BeeE3` has no ENS reverse-record visible on Etherscan. No NameStone binding found. This is standard for corporate/undoxxed deployer EOAs. This factor is expected-red for most corporate protocols and is not a critical factor.
RD-F-113 yellow Team other-protocol involvement history Shaaran: Krypto (India crypto exchange, 2019–2022), tanX.fi (StarkEx institutional DEX, 2021–present; still live; no rug/exit-scam found). Ritumbhara: Krypto co-founder (2020–2022); no adverse protocol history. Nakul: Coinbase/PayPal/BCG; no prior DeFi protocol. tanX.fi searched specifically for security incidents — none found (rekt.news, REKT leaderboard, Halborn top-100 DeFi hacks 2025). The $16.5M capital reallocation from tanX.fi is corroborated. Yellow reflects no verifiable DeFi-native prior work for Nakul; prior ventures are clean but Krypto/tanX are adjacent-not-identical to DeFi protocol building. [?] No neutral/successful DeFi protocol launch verifiable for all three founders prior to Multipli.
RD-F-114 yellow Deployer address prior on-chain history MultipliBridger deployer `0x151799d9072b0Ca939550906E7E79506bF4BeeE3` first tx ~Jan 2025 (1 yr 121 days ago per Etherscan). Appears purpose-built for this protocol (no labeled prior deploys of rugged contracts visible). No CTI-labeled rug-deployer cluster match. Yellow because address is a fresh/purpose-built wallet with limited on-chain history (no ≥6 months non-flagged dev history prior to Multipli deploy). V2 vault deployer addresses on Ethereum/Base/Arbitrum/Avalanche/BSC/Monad not yet confirmed — full assessment incomplete.
RD-F-116 yellow Contributor tenure at admin-permissioned PR GitHub repo `multipli-libs/Barebones-MultipliVault` shows 3 commits by single contributor Sidharth1013: Jan 12 and Jan 16, 2026. Apparent repo-tenure for this contributor: <30 days (first visible commit Jan 12, last Jan 16). However, per README this is a stripped public-facing repo; actual internal codebase is separate. Admin-permissioned changes to production contracts are made via the internal repo, which is not publicly accessible. Yellow reflects the <30-day visible tenure of the only public contributor; the internal repo contributor history is unknown.
RD-F-121 yellow Contributor OSINT depth score Curator OSINT depth scores: Shaaran 4/5 (LinkedIn + conference + prior employer + Forbes nominee + education verified); Ritumbhara 3/5 (LinkedIn + Krypto co-founder + tech media); Nakul 4/5 (LinkedIn + Crunchbase + Coinbase/BCG/PayPal + MBA). GitHub contributor Sidharth1013 1/5 (GitHub pseudonym only). Average across all known contributors: ~3/5. Yellow threshold is 2–3 per template.
RD-F-123 yellow Sudden admin-rescue/ACL change without discussion No public governance forum, Snapshot space, or issue tracker exists for Multipli (pre-TGE corporate, no DAO). No affirmative evidence of an admin-rescue function or ACL change with deliberate suppression of discussion. Per §7-rule-5: the absence of a discussion venue is a Cat-2 control matter; F123 ★ scores on insider-conduct/concealment evidence. Yellow reflects structural inability to cross-check any future ACL changes given the absence of a public discussion channel — not an affirmative concealment signal. The publicly visible multipli-libs GitHub repos contain no open issues or PR discussions about ACL changes as of 2026-05-17.
RD-F-119 gray Commit timezone consistent with stated geography Only 3 commits visible in public repo (Jan 12 and Jan 16, 2026); commit timestamps show date only, no hour/minute UTC precision. Team stated geography: SF (Tracxn) and Dubai (Ritumbhara LinkedIn). Insufficient timestamp resolution for DPRK UTC+9 anomaly analysis. Internal repo commit history inaccessible.
RD-F-122 gray Contributor paid to DPRK-cluster wallet On-chain contributor payment streams not identified. Only confirmed privileged wallet is `0x151799d9...4BeeE3` (MultipliBridger owner EOA). Etherscan visible transactions for this address show no DPRK-labeled counterparties. Off-chain payroll not assessed per scope instruction. Full CTI feed (Chainalysis/TRM) required for 3-hop cluster analysis — unavailable.
RD-F-184 gray Real-capital social-engineering persona No curator-flagged social-engineering persona identified for Multipli. The Drift/UNC4736 comparator (referenced in F184 taxonomy entry) involved 6-month in-person relationship-building plus >$1M deposits to Drift vaults. No analogous pattern identified for Multipli: no suspicious external integrator or contributor persona has been publicly flagged; institutional deposit activity (Nomura/LaserDigital, Fasanara, Edge Capital) is attributable to named institutional managers. F184 is gray with the Drift comparator noted as the benchmark pattern. M-only OSINT; no curator flag received.
RD-F-111 green Team doxx status Three co-founders are real-name doxxed with consistent professional history across ≥2 distinct-domain sources each: Shaaran Lakshminarayanan (CEO, LinkedIn, Blockworks, The Org, Tracxn, Forbes 30U30 nominee), Ritumbhara Bhatnagar (CDO, LinkedIn, The Org, RocketReach), Nakul Gupta (CBO, LinkedIn, Crunchbase, Product School, Coinbase/BCG trail). GitHub contributor Sidharth1013 is pseudonymous but is a non-co-founder contributor. Classification: ≥2 core team members real-name with verifiable prior professional history.
RD-F-112 green Team public accountability surface Shaaran: LinkedIn (500+ connections), Blockworks conference profile, The Org, Tracxn, Forbes 30U30 nominee (2020), VIT + Stanford AI education, prior Krypto/tanX employer trail — ≥4 trails. Ritumbhara: LinkedIn, The Org, RocketReach, Krypto co-founder (2020–2022) — ≥3 trails. Nakul: LinkedIn (Chicago Booth MBA), Crunchbase, Product School, BCG/Coinbase/PayPal/Venmo employer trail — ≥4 trails. All three co-founders meet ≥3 verifiable trails threshold.
RD-F-115 green Prior rug/exit-scam affiliation No rug or exit-scam affiliation found for any co-founder or named team member. Shaaran, Ritumbhara, Nakul cross-referenced against rekt.news (no hits), data cache rekt.incidents = [], Halborn Top 100 DeFi Hacks 2025 (no Multipli or tanX entry). tanX.fi is still live as a separate entity. No C6 rug-deployer class match found.
RD-F-118 green Handle reuse across failed/rugged projects No evidence of social handle reuse across failed/rugged projects for any team member. Shaaran's X handle @Shaaran5 and LinkedIn are consistent with tanX.fi/Krypto identity. Ritumbhara's LinkedIn is consistent with Krypto/Multipli history. Nakul's handles consistent with Coinbase/BCG/Multipli trail. No Wayback Machine discontinuity found. No handle-to-rug association in rekt.news.
RD-F-120 green Video-off/voice-consistency flag Shaaran Lakshminarayanan has a Blockworks speaker profile with photo. The Org shows profile image present. Multiple media attributions corroborate real-name identity across announcements. No video-off pattern found in public sources. The Defiant, Decrypt, The Block, Chainwire, MEXC all cite Shaaran by name with consistent identity.
RD-F-124 green Deployer wallet mixer-funded within 30 days MultipliBridger deployer `0x151799d9072b0Ca939550906E7E79506bF4BeeE3` was funded approximately January 2025 from address `0xEE16e20F...2D359C29` (rendered on Etherscan 'Funded By' field). This funder address carries no Tornado Cash, Railgun, or OFAC-mixer label on Etherscan. No mixer interaction found in visible transaction history for either the deployer or its funder. The 30-day pre-deploy window for MultipliBridger (creation ~Jan 2025): funder has no mixer label. Confidence is moderate because paid CTI feed (Chainalysis/TRM) is unavailable and full transaction history (9,891 txns) was not exhaustively reviewed. V2 vault deployers on Ethereum/Base/Arbitrum not confirmed — mixer check for those addresses is deferred.
RD-F-125 green Deployer linked within 3 hops to DPRK/Lazarus No OFAC SDN designation found for any Multipli deployer or signer address. No Chainalysis/published DPRK/Lazarus cluster label found in public sources for `0x151799d9...4BeeE3` or its funder. No adversary use of Multipli xTokens attributed to team-identity (per U4: adversary use of xTokens as drain/launder venue is a Cat-11 matter, not a Cat-7 F125 finding). No DPRK-confirmed finding present. CTI feed gap noted: Chainalysis/TRM 3-hop graph analysis unavailable — finding is green based on public proxies only. RD-F-125 does not trigger rubric-level F-grade discretionary downgrade.
Fork / dependency lineage Green 0 10 of 10
RD-F-126 n/a Is-a-fork-of V2 MultipliVault is an original implementation, not a fork of any upstream DeFi protocol. README states it is a stripped-down implementation with original vault logic. Inherits OZ ERC4626Upgradeable as a library dependency, not as a forked protocol.
RD-F-127 n/a Upstream patch not merged No upstream DeFi protocol fork. Factor not applicable.
RD-F-128 n/a Upstream vulnerability disclosure (last 90d) No upstream DeFi protocol fork. V1 StarkEx architecture deprecated per README. Factor not applicable for V2 EVM.
RD-F-129 n/a Code divergence from upstream (%) Original implementation with no upstream fork point. Code divergence percentage cannot be computed without a fork target.
RD-F-130 n/a Fork depth (generations from original audit) Original implementation. No fork depth applicable.
RD-F-131 n/a Fork retains upstream audit coverage Not a fork. All audit coverage is fresh (Shieldify #88, #95 are independent V2 audits, not upstream + delta-audit pattern).
RD-F-132 n/a Fork has different economic parameters than upstream Original implementation with no upstream audited defaults to compare economic parameters against.
RD-F-133 gray Dependency manifest uses unpinned versions Data cache records oz_contracts_version=null. The .gitmodules file exists in repo but returned 404 on all direct fetch attempts. foundry.lock also 404. OZ library version pinning (exact-version vs floating ^) cannot be confirmed from public data. Import paths in verified source do not include version tags.
RD-F-135 gray Shared-library version with known-vuln status OZ version unconfirmed (cache oz_contracts_version=null; .gitmodules 404). Import paths suggest OZ v5.x (ERC4626Upgradeable, PausableUpgradeable patterns). No active high/critical GHSA advisory known for OZ v5 as of 2026-05-17, but exact version needed to rule out specific advisories.
RD-F-134 green Dependency had malicious-release incident (last 90d) No npm/PyPI/crates.io malicious-release advisory affecting OZ contracts-upgradeable, Solmate, or other Multipli dependencies found in GitHub Security Advisories or public feeds as of 2026-05-17.
Post-deploy hygiene & change mgmt Yellow 20 13 of 13
RD-F-185 red Bridge rate-limiter / chain-pause as positive mitigant MultipliBridger has no per-window outflow rate-limiter from verified source analysis. No circuit-breaker or outflow cap in removeFunds() function. No chain-pause mechanism applicable to Ethereum or Avalanche. rwaUSD emergency pause is an issuance halt (not a bridge rate-limiter). Assessed red: no rate-limiter positive mitigant present.
RD-F-139 yellow Post-audit code changes without re-audit Shieldify Vault audit PDF hosted in repo is dated 2025-07-08. GitHub last commit date is 2026-01-16 — approximately 6 months of changes post-audit. No re-audit of post-July 2025 changes confirmed. Pending Shieldify MULT token audit #151 (2026-05, 'Soon') covers token only, not vault changes. Delta between audited commit and 2026-01-16 HEAD is unknown. Assessed yellow: no confirmed exploit; extent of post-audit changes unknown; 'Barebones' caveat may mean production deployment is closer to audited code.
RD-F-145 yellow Deployed bytecode reproducibility GitHub repo is public (MIT) with foundry.toml (Solidity 0.8.30, 8 optimizer runs). Build reproducibility is in principle achievable from repo + declared toolchain. However, 'Barebones' caveat means deployed bytecode may differ; actual Snowtrace/Etherscan vault source not independently verified; changelog_present=false. Yellow: in-principle reproducible but not confirmed for deployed bytecode.
RD-F-146 yellow New contract deploys in last 30 days Shieldify MULT token audit #151 (2026-05, 'Soon') implies MULT token deployment pending or recent. If MULT token deploys in last 30 days it represents fresh unaudited-at-launch surface. No confirmed new vault deploys in last 30 days. Yellow: pending TGE deployment risk warrants monitoring.
RD-F-136 gray Deployed bytecode matches signed release tag GitHub repo has no signed release tags; last commit 2026-01-16 on untagged branch. Actual deployed bytecode vs commit SHA comparison not possible without verified Avalanche/Base/Ethereum source matching. 'Barebones' repo caveat means deployed contracts may differ from published source.
RD-F-140 gray Fix-merged-but-not-deployed gap No known vulnerability disclosures found. Cache rekt.incidents=[] and defillama.hacks=[]. Cannot confirm or deny fix-merged-but-not-deployed gap from available data.
RD-F-168 gray Stale-approval exposure on deprecated router V1 StarkEx system is deprecated. V1 contract addresses not confirmed — cannot enumerate stale user approvals outstanding. Code-security-analyst to enumerate V1 addresses and assess approval surface.
RD-F-137 green Upgrade frequency (per 90 days) No Upgraded events detected for any confirmed contract in available explorer data (last 90 days). MultipliBridger is non-upgradeable. Avalanche vaults are UUPS proxies but no upgrade events found.
RD-F-138 green Hot-patch deploys without timelock (last 30 days) No hot-patch deploys found in last 30 days from available evidence. No upgrade events detected on any confirmed contract.
RD-F-141 green Test-mode parameters in deploy Deployment script uses placeholder 0x123 addresses in public repo (not production values). Actual mainnet deployment used real addresses (confirmed from Snowtrace deploy tx by real EOA). MultipliVault source enforces minDepositAmount. No test-mode oracle or infinite allowance in vault source.
RD-F-142 green Storage-layout collision risk across upgrades MultipliVault uses ERC-7201 namespaced storage pattern (confirmed from API analysis: 'ERC-7201 storage pattern compliance'). AuthUpgradeable uses dedicated storage slot 0xdd3fd67a... This mitigates storage collision across upgrades. No upgrade history to analyze for actual collisions.
RD-F-143 green Reinitializable implementation (no _disableInitializers) MultipliVault constructor explicitly calls _disableInitializers() — proxy takeover via re-init is prevented. VaultFundManager is not upgradeable (standard non-proxy contract with immutable variables). OZ reinitializer protection confirmed.
RD-F-144 green CREATE2 factory permits same-address redeploy No CREATE2 factory usage in deployment scripts. Standard deployer EOA pattern via Foundry's Upgrades.deployUUPSProxy() confirmed from Base.s.sol. No redeploy-to-same-address risk.
Cross-chain & bridge Green 17 12 of 12
RD-F-157 yellow Bridge TVL per validator ratio Total bridge-touching TVL ~$366M across 6 chains. Validator count unknown. Worst-case scenario: single EOA owner (0x151799d9...) = $366M per validator. Even with a 3-of-5 multi-signer bridge: $73M per validator. At $366M TVL with unknown validator count, the TVL-per-validator ratio is extremely high regardless of validator count assumption. Yellow because validator count unknown prevents definitive red but concentration concern is load-bearing.
RD-F-148 gray Bridge validator count (M) MultipliBridger contract source not publicly available, address not confirmed. Bridge mechanism (custom vs. LayerZero vs. CCIP) unknown. If custom EOA bridge (owner 0x151799d9...), validator count = 1. If LayerZero: DVN count unknown. Cannot assess from available evidence.
RD-F-149 gray Bridge validator threshold (k-of-M) Bridge signature threshold unknown. If EOA-controlled bridge (single owner 0x151799d9...): threshold = 1-of-1. If LayerZero: DVN threshold unknown. MultipliBridger source not publicly available.
RD-F-150 gray Bridge validator co-hosting Bridge validator co-hosting cannot be assessed — bridge validator identity and infrastructure unknown. MultipliBridger source not publicly available.
RD-F-151 gray Bridge ecrecover checks result ≠ address(0) [★ CRITICAL] MultipliBridger source not publicly verified or available. Cannot inspect ecrecover usage. If LayerZero OFT v2: this check is standard in the endpoint contracts. If custom bridge: no assessment possible. Static analysis cannot be performed without contract source.
RD-F-152 gray Bridge binds message to srcChainId Cannot assess — bridge mechanism unknown. srcChainId binding is a custom implementation choice not verifiable without MultipliBridger source.
RD-F-153 gray Bridge tracks nonce-consumed mapping Cannot assess — bridge mechanism unknown. Nonce/replay protection is a custom implementation choice not verifiable without MultipliBridger source.
RD-F-154 gray Default bytes32(0) acceptable as valid root [★ CRITICAL] Cannot assess — MultipliBridger source not available. If custom bridge with Merkle-root validation: bytes32(0) acceptance is a catastrophic Nomad-class bug ($190M). If LayerZero OFT (no Merkle roots in OFT design): factor would be not_applicable. Source opacity prevents assessment.
RD-F-155 gray Bridge validator-set rotation recency Cannot assess — bridge validator set identity unknown; no event logs available for MultipliBridger address (address not confirmed).
RD-F-156 gray Bridge uses same key custody for >30% validators Cannot assess — bridge validator set unknown. If EOA: single key custodian = 100% concentration (worst case). MultipliBridger source not available.
RD-F-179 n/a LayerZero OFT DVN config (count, threshold, diversity) Data cache layerzero.present=false — pipeline probe did not find a LayerZero OApp address. No LayerZero references appear in Multipli docs (llms-full.txt), GitHub source, or web search results as of 2026-05-17. Most-likely-scenario is not_applicable (bridge is custom or uses a different protocol). Confidence: LOW — if curator confirms LayerZero integration, this converts to gray (protocol_opacity) or scored on merits. Curator should check LayerZero Scan for Multipli-associated OApp addresses.
RD-F-147 green Protocol has bridge surface Bridge surface confirmed. xTokens (xUSDC, xUSDT, xBTC, xETH) present on 6 chains: Ethereum (~$178.9M TVL), Base (~$110M), Monad (~$50M), Arbitrum (~$25M), BSC (~$2.34M), Avalanche (~$13K). MultipliBridger contract identified with owner EOA 0x151799d9... (partial). Cross-chain xToken transfer capability is fundamental to the multi-chain deployment.
Threat intelligence & recon Green 11 8 of 8
RD-F-161 yellow Protocol-impersonator domain registered (typosquat) Confirmed active impersonation domain: mainnet-multipli.fi documented as a crypto-drainer site mimicking Multipli (multipli.fi) by PCRisk (April 24, 2025) and MalwareGuide (April 25, 2025). The fake site promotes a wallet-drainer contract that activates upon wallet connection. Per taxonomy definition (domain registered within last 90 days of assessment): mainnet-multipli.fi was first documented ~388 days before assessment (May 17, 2026) — outside the strict 90-day window. However the active impersonation ecosystem poses ongoing brand risk and user-harm risk. Profile §11 references multipli-fi.net as an additional potential scam site; this domain was NOT confirmed by public OSINT searches — only mainnet-multipli.fi has documented evidence as of assessment date. Score: yellow (domain outside 90-day registration window but active and documented; ongoing risk).
RD-F-159 gray Attacker wallet pre-strike probe (low-gas failing txs) Applicable: EVM chain, mempool observable. No mempool probe pattern from threat-actor wallets against Multipli contracts found in public OSINT. No prior exploit indicating known attacker. Requires mempool listener + cluster feed subscription.
RD-F-162 gray Known-exploit-template selector deployed by any address Applicable: ERC-4626 vault class has known exploit selector templates (share inflation, first-depositor attacks, oracle manipulation). No known-exploit-template deployment targeting Multipli vault selector set found in public OSINT. Requires on-chain new-deploy sweep with exploit-template selector DB.
RD-F-163 gray Avg attacker reconnaissance time for peer-class protocols Applicable: for delta-neutral yield aggregator / ERC-4626 vault class, reconnaissance periods range from hours to 78 days (USPD baseline). No prior exploit against Multipli; this factor requires hack-DB analysis for the peer class and a backward-looking annotation (not a live trigger). No Lazarus or APT reconnaissance pattern against Multipli contracts found in public OSINT. M-method; requires curator hack-DB analysis.
RD-F-164 gray Leaked credential on paste/sentry site Applicable: api.multipli.fi endpoint is active (feeds DefiLlama TVL adapter); docs reference support@multipli.fi; GitHub repo is public. No leaked credentials matching multipli.fi infrastructure found in public paste sites or public Sentry/credential-dump reports via OSINT search. Barebones GitHub repo (Barebones-MultipliVault) contains no production API keys by design. Requires paste/credential-dump feed subscription for comprehensive assessment.
RD-F-165 gray Protocol social channel has scam-coordinator flag Applicable: protocol has community channels (X: @multiplifi confirmed; Discord/Telegram URLs not confirmed in profile). No Telegram/Discord admin flagged on curator scam-coordinator watchlist in public OSINT. Confirmed impersonation domain (mainnet-multipli.fi) does not indicate official channel compromise. Requires curator social watchlist for definitive assessment.
RD-F-158 green Known-threat-actor cluster has touched protocol Applicable: EVM, on-chain interactions observable. T-09 phase-2, Tier-C advisory. No Lazarus/DPRK/OFAC-listed wallet interactions with the confirmed Multipli vault addresses (0xCF0Eb4ac018C06a16ED5c63484823C7805e7599D Avalanche xUSDC, 0x468BbabAEf852C134b584382C0fef83F2954Cd5c xBTC.b) were found via public OSINT. Tornado Cash was removed from the OFAC SDN list on March 21, 2025; Lazarus Group wallets remain OFAC-listed. No Lazarus-attributed wallet interaction is reported in Rekt/DeFiLlama. The Rekt incident list is empty. [?] 3-hop confirmation requires a Chainalysis/TRM licensed feed.
RD-F-160 green GitHub malicious-dependency incident touching protocol deps Applicable: OpenZeppelin ERC-4626Upgradeable, AuthUpgradeable, and PausableUpgradeable are confirmed dependencies (from the GitHub repo). Solidity 0.8.30. Foundry toolchain. No GitHub Security Advisory (GHSA) was filed against OpenZeppelin ERC-4626Upgradeable or Foundry in the trailing 90 days (February – May 2026) as of the assessment date. OZ contracts are actively maintained. No CVE against Solidity 0.8.30. Optimizer runs=8 (low) — unusual but not a malicious-dependency signal.
Tooling / compiler / AI Green 8 5 of 5
RD-F-170 yellow Solc version used (known-bug versions flagged) All deployed V2 contracts use solc 0.8.30. This version is on the solc known-bug list: TransientStorageClearingHelperCollision (High; requires viaIR=true AND transient storage usage, and neither condition is met in the deployed contracts: viaIR=false is confirmed from VariableVaultFee on-chain metadata, and there is no tload/tstore in the MultipliVault source). LostStorageArrayWriteOnSlotOverflow (Low). VerbatimInvalidDeduplication (Low). The high-severity bug's trigger conditions are absent from deployed code. The version is not at latest-safe (0.8.34+).
RD-F-171 n/a Bytecode similarity to audited upstream with behavior deviation V2 is an original implementation with no audited upstream DeFi protocol to diff against. AI-copy risk via bytecode similarity to an audited upstream is not applicable.
RD-F-172 green Repo shows AI-tool co-authorship in critical files Barebones-MultipliVault has only 3 commits total (stripped public subset). No Co-authored-by trailers with AI tool signatures found in accessible commit metadata. Full development history is in a private repo — confidence is low by construction.
RD-F-173 green Team self-disclosure of AI-generated Solidity No public disclosure found (blog, X, docs) claiming AI-generated Solidity in security-critical paths. Protocol blog and documentation do not reference AI tooling for contract development.
RD-F-174 green Dependency tree uses EOL Solidity version solc 0.8.30 is a current, supported Solidity version (not EOL). Latest stable is 0.8.36 as of May 2026. 0.8.30 is actively maintained and receives security patches.
Response & disclosure hygiene Yellow 44 4 of 4
RD-F-176 red Disclosure SLA public No public acknowledgment-time SLA was found for disclosed vulnerabilities. The HackenProof program page requires submitters to provide a PoC within 24h of discovery (a submitter obligation), but no response or acknowledgment SLA from the Multipli team is published. No SECURITY.md exists in the public GitHub repo (data cache: security_md_present: false; confirmed via GitHub repo analysis). No safe-harbor clause found. No disclosure policy page found.
RD-F-175 yellow Disclosure channel exists A public disclosure channel exists: the HackenProof bug bounty program (slug: multipli-smart-contracts, started 2026-02-24, max payout $10,000, scope: on-chain smart contract code). The general support email support@multipli.fi is listed in the FAQ (not a dedicated security address). The program started <3 months ago with no evidence of active prior monitoring. A max payout of $10,000 vs ~$366M TVL represents a 0.003% coverage ratio — extremely thin. No dedicated security@ email. Yellow: a channel exists, but the program is thin and evidence of active monitoring is absent.
RD-F-177 gray Prior known-ignored disclosure No prior incidents exist. Cannot assess whether a disclosed vulnerability was ever ignored pre-exploit — there are no incidents to reference.
RD-F-178 green CVE/GHSA advisory issued against protocol No CVE or GHSA advisory found for multipli-libs, MultipliVault, or the Multipli protocol. GitHub Advisory Database web search returned no matches. NVD CVE database search returned no matches. Green: no advisory issued, or all advisories patched (none found).
rubric_version: v1.7.0 · graded_at: 2026-05-17 11:48:38 · factors: 184 · protocol: multipli